How a Web site can ask users to sign in with their Google accounts. Android and iOS apps follow a similar process.
Google

Google has just made its Google+ platform much more social.

The company today will announce a significant new challenge to Facebook and Twitter by allowing Google accounts to be used when signing into apps and Web sites, a move that could weave Google accounts more tightly into the fabric of the Internet.

Mobile and Web developers will be able to accept Google sign-ins and -- depending on the permissions that the app requests and the user chooses to authorize -- gain access to Google+ social sharing. This follows the lead of other services such as Google Drive and Google Calendar that already have permitted developers full access.

"This is one of the most significant launches that has come out of the Google+ platform," David Glazer, engineering director at Google+, told CNET.

Glazer offered the example of Fitbit, the personal fitness startup in San Francisco that's one of the companies that Google worked with prior to today's announcement.

Fitbit previously permitted people to create a new account or sign in with Facebook; it now will also allow sign-ins with Google accounts, complete with the customary security procedures including two-step authentication, if enabled. Fitbit customers can elect to share information through Google+ with specific people, certain circles, or nobody else at all.

Some of the other companies that have already incorporated Google+ sign-ins are TheFancy.com, Flixster.com, the UK Guardian newspaper, and USA Today. Michael Silverman, co-founder of TheFancy.com, said in a new YouTube video that Google+ is a "better" way to sign on to his company's site because "you don't have to create a whole new username and password -- you just click the button and you're ready to go."

Even though its social platform is approaching its two-year anniversary, Google has lagged behind its competitors when offering third-party sign-ins: Facebook Connect is a little over four years old, and Twitter has permitted sign-ins since 2009. LinkedIn offers a similar sign-in option.

"No social spam!" Today's announcement partially responds to complaints that there has been no way for third-party developers to allow their users to post updates or news to Google+.

Google has moved cautiously, even slowly, in opening up its social network to developers. In September 2011, Google offered a limited API for only public Google+ data, and followed it with Google+ history access last summer.

Google+ head Vic Gundotra wrote last August that he was responsible for limiting third-party developers' write access to the service. His explanation: "I've repeatedly stated the reason -- I'm not interested in screwing over developers. When we open an API, we want developers to feel confident that the innovations they build are going to be long lasting. Releasing an API, and then later changing the rules of the game isn't fun for anyone, especially developers who've spent their life's energies building on the platform."

The problem, of course, is that your Google+ stream could be overwhelmed if third-party apps or Web sites post too frequently. It presents a Facebook EdgeRank-like challenge: how to balance users' desires to share with a desire by friends, family, and colleagues not to be spammed with dozens of app-generated messages an hour?

Glazer, the Google engineering director, said that his employer is confident that its algorithms can do a good job of finding that balance: "This is about taking relevance and applying it to social sharing....The principle is making the information available in the right place at the right time."

The way Glazer described it to CNET is that apps and Web sites will be able to post automatically to a page that can be viewed by someone visiting your Google+ home page and then clicking on the app's or site's icon -- essentially, an anti-spam-by-obscurity strategy.

Apps can also offer the option of sharing items with specific Google+ users, which will appear in their recipients' streams and not be relegated to obscurity. That form of more aggressive sharing requires affirmative user consent.

Today's announcement has a few twists:

• On Android devices only, using your Google account to sign into a Web site gives you the option to have that site's app automatically downloaded and installed on your mobile phone. You also have the option to decline. Apple does not allow that flexibility for iOS devices.

• Developers who are using custom programming environments -- for cross-platform coding, for instance -- may not benefit from the iOS or Android SDKs until those environments are updated. But they can still use Web-based authentication. (Details will be posted at developers.google.com/+.)

• Google+ streams now feature "interactive" posts with buttons that can trigger another app when tapped from a mobile device. Tapping the "Listen" button from an NPR Google+ post might launch NPR's app, for instance. Developers can select from a palette of about 100 different pre-defined buttons but are not currently permitted to create their own.

Disclosure:CNET's Declan McCullagh is married to a Google employee not involved with this project

About the author

Declan McCullagh is the chief political correspondent for CNET. You can e-mail him or follow him on Twitter as declanm. Declan previously was a reporter for Time and the Washington bureau chief for Wired and wrote the Taking Liberties section and Other People's Money column for CBS News' Web site.
See full bio